selinux设置

永久设置

查看selinux

查看/etc/selinux/config文件

#enforce:开启;disabled:关闭;premissive:关闭但有警告提示
[root@localhost ~]# cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     ukmls - Multi Level Security protection.
#     ukmcs -ukmcs variants of the SELinux policy.
SELINUXTYPE=ukmcs

# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0

关闭selinux

将/etc/selinux/config文件的SELINUX选项改为disabled

[root@localhost ~]# vim /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     ukmls - Multi Level Security protection.
#     ukmcs -ukmcs variants of the SELinux policy.
SELINUXTYPE=ukmcs

# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0

提示selinux

将/etc/selinux/config文件的SELINUX选项改为permissive

[root@localhost ~]# vim /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     ukmls - Multi Level Security protection.
#     ukmcs -ukmcs variants of the SELinux policy.
SELINUXTYPE=ukmcs

# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0

开启selinux

将/etc/selinux/config文件的SELINUX选项改为enforcing

[root@localhost ~]# vim /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     ukmls - Multi Level Security protection.
#     ukmcs -ukmcs variants of the SELinux policy.
SELINUXTYPE=ukmcs

# SETLOCALDEFS= Check local definition changes
SETLOCALDEFS=0
posted @ 2022-09-02 11:36  (应鑫)  阅读(319)  评论(0)    收藏  举报